How to create sub-users for Cloud Object Storage powered by Wasabi



TABLE OF CONTENTS

Description

  • A user is an individual for whom you create Wasabi authentication, giving that person permission to per­form actions in Wasabi.

  • To assign sub-users to a group, we suggest creating groups first. Here is the article about creating groups and assigning policies if needed.

  • An external identity provider for authentication, like SAML (Security Assertion Markup Language), cannot be enabled.

Important Notes

You can create a maximum of four thousand nine hundred ninety-nine (4999) sub-users per account.

Procedure

  1. Login to the Wasabi console using your credentials (using the root account or a sub-user with Administrator Access).

    Graphical user interface, application, website Description automatically generated
     
  2. Go to the Users section and click on CREATE USER.

    Graphical user interface, application Description automatically generated

  3. Specify the following information for the new user and click on NEXT:
     
    • Username (Note: It can contain only alphanumeric characters and the following special characters: plus sign (+), equal sign (=), period (.), ampersand (@), dash (-), underscore (_))

    • Type of access (Note: By enabling programmatic access, the user gets an access key and secret key at the end of the procedure to create a user)

    • Password

      Graphical user interface, text, application, email Description automatically generated

  4. Optional but strongly recommended – Assign the new user to a group.
    Then, click on NEXT

    Graphical user interface Description automatically generated with medium confidence

  5. Optional – Assign the new user to a policy.
    In this example, a policy is already assigned on the group level.

    Then, click on NEXT

    Graphical user interface, application, Teams Description automatically generated

  6. Review user settings and click on CREATE USER.

    A picture containing chart Description automatically generated

  7. Select between creating another user or close the window.

    Diagram Description automatically generated with medium confidence

  8. Optional but recommended – Create an account Alias

    To login as a sub-user, the root account email or account alias must be provided.

    To create an Account Alias, go to the Settings section, then Account Alias.

    Graphical user interface, text, application, email Description automatically generated

    Then, enter the desired alias (example: yourcompanyname or abbreviation) and click on SAVE.

     

Login as a sub-user

You can now provide the temporary credentials, URL & account alias to the user.

 

The user must sign in as a sub-user.
 

If the “Password Reset” option was kept, the user will be prompt to change its password at first login.


Graphical user interface, website Description automatically generated


Graphical user interface, application, website Description automatically generated


Graphical user interface, text Description automatically generated

The sub-user can now have access to the console with applied policies (at user and/or group level).

Graphical user interface Description automatically generated 

Multi-factor authentication (MFA)

Optionally, the multi-factor authentication (MFA) can be enabled for increased security. Please review this article for more details